Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2025/06/20 5:21 p.m.8 views

CVE-2025-52484 RISC Zero zkVM Underconstrained Vulnerability

RISC Zero is a general computing platform based on zk-STARKs and the RISC-V microarchitecture. Due to a missing constraint in the rv32im circuit, any 3-register RISC-V instruction including remu and divu in risc0-zkvm 2.0.0, 2.0.1, and 2.0.2 are vulnerable to an attack by a malicious prover. The...

6.9CVSS7.2AI score0.00237EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/06/20 12:0 a.m.8 views

PT-2025-26449 · Risc Zero · Risc0-Zkvm

Name of the Vulnerable Software and Affected Versions: risc0-zkvm versions 2.0.0 through 2.0.2 Description: The issue is due to a missing constraint in the rv32im circuit, allowing a malicious prover to attack any 3-register RISC-V instruction, including remu and divu, by confusing the RISC-V...

6.9CVSS6.4AI score0.00237EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2025/05/22 9:17 p.m.9 views

CVE-2021-1104

The RISC-V Instruction Set Manual contains a documented ambiguity for the Machine Trap Vector Base Address MTVEC register that may lead to a vulnerability due to the initial state of the register not being defined, potentially leading to information disclosure, data tampering and denial of servic...

9.8CVSS6.8AI score0.01663EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2022/07/18 11:15 p.m.2 views

CVE-2022-34643

RISCV ISA Sim commit ac466a21df442c59962589ba296c702631e041b5 implements the incorrect exception priotrity when accessing memory...

5.5CVSS5.9AI score0.00215EPSS
Exploits1References2
Rows per page
Query Builder